CVE Daily

CVE-2021-35394

Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called...

Critical CVSS 9.8

Overview

Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote unauthenticated attackers.

CWE: CWE-78 Published: 2021-08-16T12:15:07.267
Risk analysis

This vulnerability is rated 🔴 CRITICAL.

  • CVSS: 9.8 (CRITICAL)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags